From 66662bc399d4e34838024904299c308c3af41e82 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 25 Mar 2025 08:11:03 +1000 Subject: [PATCH] ML-KEM/Kyber: mlkem_encapsulate not to return a value Don't return a value from mlkem_encapsulate() to ensure code is just the maths. --- wolfcrypt/src/wc_mlkem.c | 2 +- wolfcrypt/src/wc_mlkem_poly.c | 13 ++++--------- wolfssl/wolfcrypt/wc_mlkem.h | 2 +- 3 files changed, 6 insertions(+), 11 deletions(-) diff --git a/wolfcrypt/src/wc_mlkem.c b/wolfcrypt/src/wc_mlkem.c index e325af22a..61f7111e3 100644 --- a/wolfcrypt/src/wc_mlkem.c +++ b/wolfcrypt/src/wc_mlkem.c @@ -788,7 +788,7 @@ static int mlkemkey_encapsulate(MlKemKey* key, const byte* m, byte* r, byte* c) /* Perform encapsulation maths. * Steps 18-19, 21: calculate u and v */ - ret = mlkem_encapsulate(key->pub, u, v, a, y, e1, e2, mu, k); + mlkem_encapsulate(key->pub, u, v, a, y, e1, e2, mu, k); } #else /* WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM */ if (ret == 0) { diff --git a/wolfcrypt/src/wc_mlkem_poly.c b/wolfcrypt/src/wc_mlkem_poly.c index 48d52c182..320e8121f 100644 --- a/wolfcrypt/src/wc_mlkem_poly.c +++ b/wolfcrypt/src/wc_mlkem_poly.c @@ -1348,7 +1348,7 @@ void mlkem_keygen(sword16* s, sword16* t, sword16* e, const sword16* a, int k) * @return 0 on success. * */ -int mlkem_encapsulate(const sword16* t, sword16* u , sword16* v, +void mlkem_encapsulate(const sword16* t, sword16* u , sword16* v, const sword16* a, sword16* y, const sword16* e1, const sword16* e2, const sword16* m, int k) { @@ -1418,8 +1418,6 @@ int mlkem_encapsulate(const sword16* t, sword16* u , sword16* v, /* Add errors and message to v and reduce. * Step 21: v <- InvNTT(t_hat_trans o y_hat) + e_2 + mu) */ mlkem_add3_reduce(v, e2, m); - - return 0; } #endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */ @@ -1666,7 +1664,7 @@ int mlkem_keygen_seeds(sword16* s, sword16* t, MLKEM_PRF_T* prf, * @param [in] k Number of polynomials in vector. * @return 0 on success. */ -static int mlkem_encapsulate_c(const sword16* pub, sword16* u, sword16* v, +static void mlkem_encapsulate_c(const sword16* pub, sword16* u, sword16* v, const sword16* a, sword16* y, const sword16* e1, const sword16* e2, const sword16* m, int k) { @@ -1701,8 +1699,6 @@ static int mlkem_encapsulate_c(const sword16* pub, sword16* u, sword16* v, sword16 t = v[i] + e2[i] + m[i]; v[i] = MLKEM_BARRETT_RED(t); } - - return 0; } /* Encapsulate message. @@ -1718,7 +1714,7 @@ static int mlkem_encapsulate_c(const sword16* pub, sword16* u, sword16* v, * @param [in] k Number of polynomials in vector. * @return 0 on success. */ -int mlkem_encapsulate(const sword16* pub, sword16* u, sword16* v, +void mlkem_encapsulate(const sword16* pub, sword16* u, sword16* v, const sword16* a, sword16* y, const sword16* e1, const sword16* e2, const sword16* m, int k) { @@ -1726,12 +1722,11 @@ int mlkem_encapsulate(const sword16* pub, sword16* u, sword16* v, if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) { mlkem_encapsulate_avx2(pub, u, v, a, y, e1, e2, m, k); RESTORE_VECTOR_REGISTERS(); - return 0; } else #endif { - return mlkem_encapsulate_c(pub, u, v, a, y, e1, e2, m, k); + mlkem_encapsulate_c(pub, u, v, a, y, e1, e2, m, k); } } diff --git a/wolfssl/wolfcrypt/wc_mlkem.h b/wolfssl/wolfcrypt/wc_mlkem.h index d1cf904b2..ee6c9c878 100644 --- a/wolfssl/wolfcrypt/wc_mlkem.h +++ b/wolfssl/wolfcrypt/wc_mlkem.h @@ -163,7 +163,7 @@ int mlkem_keygen_seeds(sword16* priv, sword16* pub, MLKEM_PRF_T* prf, #endif #ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM WOLFSSL_LOCAL -int mlkem_encapsulate(const sword16* pub, sword16* bp, sword16* v, +void mlkem_encapsulate(const sword16* pub, sword16* bp, sword16* v, const sword16* at, sword16* sp, const sword16* ep, const sword16* epp, const sword16* m, int kp); #else